[ovs-discuss] [OVN] Packets flooded when using VLAN backed networks
Daniel Alvarez Sanchez
dalvarez at redhat.com
Fri Sep 11 15:57:45 UTC 2020
This is probably not a bug and not sure if much can be done about it but
thought of raising it here for discussion.
I have deployed a simple topology with two logical switches (VLAN backed
network), a logical router and a couple of VMs. When pinging between the
logical switches, all the traffic is flooded in the upstream switch.
Example using this logical  and physical  topologies, when pinging
from vm3 (worker2) to vm1 (worker1) and capturing traffic on host1:
15:50:18.790323 1e:02:ad:bb:aa:dd > 40:44:00:00:00:01, ethertype 802.1Q
(0x8100), length 102: vlan 190, p 0, ethertype IPv4, (tos 0x0, ttl 63, id
47366, offset 0, flags [DF], proto ICMP (1), length 84)
192.168.1.13 > 192.168.0.11: ICMP echo request, id 1671, seq 11, length
15:50:18.790428 1e:02:ad:bb:aa:77 > 40:44:33:00:00:03, ethertype 802.1Q
(0x8100), length 102: vlan 170, p 0, ethertype IPv4, (tos 0x0, ttl 63, id
44948, offset 0, flags [none], proto ICMP (1), length 84)
192.168.0.11 > 192.168.1.13: ICMP echo reply, id 1671, seq 11, length 64
The reason is that, as we translate the eth.src to that of the
"ovn-chassis-mac-mappings", the ToR will never see a packet whose eth.src
is either vm1 or vm3 so it'll never learn their addresses and flood the
traffic to all ports.
In the example above:
[root at worker1 ~]# ovs-vsctl get open . external_ids:ovn-chassis-mac-mappings
[root at worker2 vagrant]# ovs-vsctl get open .
I understand that the benefit of using the ovn-chassis-mac-mappings is the
distributed routing capabilities but I wonder if we could come up with a
way of avoiding the flood.
In case somebody's interested in replicating this scenario, you can find a
vagrant setup here .
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the discuss